1731d7b8e206c05cc1877419e7b6009a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1731d7b8e206c05cc1877419e7b6009a_JaffaCakes118
Size

68KB
MD5

1731d7b8e206c05cc1877419e7b6009a
SHA1

b58f85610a1340f2ece0e80df956ab7640a737bf
SHA256

c08f9f289836fa0d81ddacee4766b92d714654ae739c9d7a314a29fc019ac14f
SHA512

3d5414fe04da60299fb17c9339424ae0bfe2230a5baea9091b74eb0820e5af0f5a2cc9863d76fa8f7a60d18142994d589b8556beffa71b12b024ecff9e67e8fa
SSDEEP

1536:JpcvBq2h8vAI6QYwvxjFPJ0b3FFceF72g6S1eZBc:Jp+hLi/JE34ekg6S1cc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1731d7b8e206c05cc1877419e7b6009a_JaffaCakes118

Files

1731d7b8e206c05cc1877419e7b6009a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b10c87a3425ac01609aef2e3e950ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdi32

DeleteDC

msvcrt

srand

user32

GetWindow

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE